cloudflare/cloudflared
Publicmirrored from https://github.com/cloudflare/cloudflaredAvailable
certutil/certutil_test.go
51lines · modecode
| 1 | package certutil |
| 2 | |
| 3 | import ( |
| 4 | "fmt" |
| 5 | "io/ioutil" |
| 6 | "testing" |
| 7 | |
| 8 | "github.com/stretchr/testify/assert" |
| 9 | ) |
| 10 | |
| 11 | func TestLoadOriginCert(t *testing.T) { |
| 12 | cert, err := DecodeOriginCert([]byte{}) |
| 13 | assert.Equal(t, fmt.Errorf("Cannot decode empty certificate"), err) |
| 14 | assert.Nil(t, cert) |
| 15 | |
| 16 | blocks, err := ioutil.ReadFile("test-cert-unknown-block.pem") |
| 17 | assert.Nil(t, err) |
| 18 | cert, err = DecodeOriginCert(blocks) |
| 19 | assert.Equal(t, fmt.Errorf("Unknown block RSA PRIVATE KEY in the certificate"), err) |
| 20 | assert.Nil(t, cert) |
| 21 | } |
| 22 | |
| 23 | func TestJSONArgoTunnelTokenEmpty(t *testing.T) { |
| 24 | cert, err := DecodeOriginCert([]byte{}) |
| 25 | blocks, err := ioutil.ReadFile("test-cert-no-token.pem") |
| 26 | assert.Nil(t, err) |
| 27 | cert, err = DecodeOriginCert(blocks) |
| 28 | assert.Equal(t, fmt.Errorf("Missing token in the certificate"), err) |
| 29 | assert.Nil(t, cert) |
| 30 | } |
| 31 | |
| 32 | func TestJSONArgoTunnelToken(t *testing.T) { |
| 33 | // The given cert's Argo Tunnel Token was generated by base64 encoding this JSON: |
| 34 | // { |
| 35 | // "zoneID": "7b0a4d77dfb881c1a3b7d61ea9443e19", |
| 36 | // "apiToken": "test-service-key", |
| 37 | // "accountID": "abcdabcdabcdabcd1234567890abcdef" |
| 38 | // } |
| 39 | CloudflareTunnelTokenTest(t, "test-cloudflare-tunnel-cert-json.pem") |
| 40 | } |
| 41 | |
| 42 | func CloudflareTunnelTokenTest(t *testing.T, path string) { |
| 43 | blocks, err := ioutil.ReadFile(path) |
| 44 | assert.Nil(t, err) |
| 45 | cert, err := DecodeOriginCert(blocks) |
| 46 | assert.Nil(t, err) |
| 47 | assert.NotNil(t, cert) |
| 48 | assert.Equal(t, "7b0a4d77dfb881c1a3b7d61ea9443e19", cert.ZoneID) |
| 49 | key := "test-service-key" |
| 50 | assert.Equal(t, key, cert.APIToken) |
| 51 | } |